Revver Guiding Principles

These principles govern how we approach our stewardship of your documents and data:

• Your data is yours.  We apply strong security measures designed to keep it private, isolated and protected.
• You’re in control.  We give you complete control and flexibility over permissions and security settings, and provide clear audit logs for activity in your account.
• Your documents are there when you need them.  We provide a reliable platform for your data that is resilient and backed up so that your data is available when you need it.
• You can trust the Revver platform.  We maintain a secure environment for your documents and follow security best practices, with a focus on continual improvement.
• You choose if and how you use AI features.  We provide you with the latest Artificial Intelligence (AI) capabilities focused on solving real problems, but it is up to you what you want enabled in your account.
• Your data is not used to train AI for other customers.  We protect your documents and data and do not use insights generated from your account outside of your account.

How Revver Works to Protect Your Documents and Data

These are the steps we take to protect your data, following our security policies and industry best practices: 

• Revver has a well functioning security council including regular risk reviews with actionable and measurable improvement plans, as well as a formalized change management process.
• Revver has a high standard within the company for access to any sensitive information or capabilities following the principle of least privilege (PoLP), where users and systems only have the minimum level of access to resources and data necessary to perform their designated functions, no more.
• Revver has robust security and other policies and follows best practices regarding security and risk, including external audits and certifications.  This includes following the NIST cybersecurity framework, regular penetration tests, and SOC1, SOC2, ISO 27001, CSA STAR, and FINRA compliance.
• Revver is designed to ensure data is securely isolated by account.  Documents and data are logically separated and account permissions are always required.
• Revver follows the best practices of major cloud provider partners, including backups, redundancy, and scaling, as well as a dependable disaster recovery (DR) plan.
• Revver has 24/7 monitoring of our systems and applications and an always-available status page for our customers and partners.
• Revver is very thoughtful in our approach to artificial intelligence.  We follow coding best practices only using proven AI models and providers, we always provide account level control of what features (if any) are enabled, and customer data is not used to train AI for other customers.

How You Can Best Use Revver to Protect Your Data

Revver provides robust capabilities for you to take advantage of to protect your data, and we recommend the following best practices:

• Revver provides the tools to set your own custom security policies, and even customize it for different users or groups.  We encourage enforcing complex passwords and/or multi-factor authentication.  We also advocate for appropriate security policies and good practices outside of Revver, such as not sharing passwords and protecting against phishing and other security risks.
• Revver provides robust, granular permission control for documents you store and share.  We encourage you to be thoughtful about who has access to what and what specific item permissions you grant (e.g., view vs. delete).  This can be easily managed as you are thoughtful about your folder structure (including using folder templates) and setup of user groups in Revver.
• Based on your individual compliance needs, Revver advocates for setting appropriate protections of important files and folders through our governance feature – protecting against actions like delete, move, or share for a period of time (or indefinitely) based on the document type.
• Revver also encourages tailored retention policies for your key files and folders based on the type of document and your organization’s requirements, leveraging our automated governance policies to archive or delete files after a specified period of time.

With Revver, you don’t just store documents – you safeguard your business.

more about ai at Revver